ioquake/ioq3
0
0
Fork 0
mirror of https://github.com/ioquake/ioq3.git synced 2024-11-10 07:11:46 +00:00
Code Issues Projects Releases Packages Wiki Activity

Fix unchecked buffer size issues in l_script.c and l_precomp.c

Browse source 
Found by Coverity.
This commit is contained in:
Zack Middleton 2014-05-25 17:02:33 -05:00
parent 078d004dc2
commit eea9fbdb61
2 changed files with 16 additions and 9 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

19
code/botlib/l_precomp.c
View file

@ -995,14 +995,14 @@ int PC_Directive_include(source_t *source)
script = LoadScriptFile(token.string);
if (!script)
{
strcpy(path, source->includepath);
strcat(path, token.string);
Q_strncpyz(path, source->includepath, sizeof(path));
Q_strcat(path, sizeof(path), token.string);
script = LoadScriptFile(path);
} //end if
} //end if
else if (token.type == TT_PUNCTUATION && *token.string == '<')
{
strcpy(path, source->includepath);
Q_strncpyz(path, source->includepath, sizeof(path));
while(PC_ReadSourceToken(source, &token))
{
if (token.linescrossed > 0)
@ -1011,7 +1011,7 @@ int PC_Directive_include(source_t *source)
break;
} //end if
if (token.type == TT_PUNCTUATION && *token.string == '>') break;
strncat(path, token.string, MAX_PATH - 1);
Q_strcat(path, sizeof(path), token.string);
} //end while
if (*token.string != '>')
{
@ -2831,6 +2831,7 @@ int PC_ExpectTokenType(source_t *source, int type, int subtype, token_t *token)
{
if ((token->subtype & subtype) != subtype)
{
strcpy(str, "");
if (subtype & TT_DECIMAL) strcpy(str, "decimal");
if (subtype & TT_HEX) strcpy(str, "hex");
if (subtype & TT_OCTAL) strcpy(str, "octal");
@ -2954,10 +2955,14 @@ void PC_UnreadToken(source_t *source, token_t *token)
//============================================================================
void PC_SetIncludePath(source_t *source, char *path)
{
strncpy(source->includepath, path, MAX_PATH);
size_t len;
Q_strncpyz(source->includepath, path, MAX_PATH-1);
len = strlen(source->includepath);
//add trailing path seperator
if (source->includepath[strlen(source->includepath)-1] != '\\' &&
source->includepath[strlen(source->includepath)-1] != '/')
if (len > 0 && source->includepath[len-1] != '\\' &&
source->includepath[len-1] != '/')
{
strcat(source->includepath, PATHSEPERATOR_STR);
} //end if

6
code/botlib/l_script.c
View file

@ -956,6 +956,7 @@ int PS_ExpectTokenType(script_t *script, int type, int subtype, token_t *token)
if (token->type != type)
{
strcpy(str, "");
if (type == TT_STRING) strcpy(str, "string");
if (type == TT_LITERAL) strcpy(str, "literal");
if (type == TT_NUMBER) strcpy(str, "number");
@ -968,6 +969,7 @@ int PS_ExpectTokenType(script_t *script, int type, int subtype, token_t *token)
{
if ((token->subtype & subtype) != subtype)
{
strcpy(str, "");
if (subtype & TT_DECIMAL) strcpy(str, "decimal");
if (subtype & TT_HEX) strcpy(str, "hex");
if (subtype & TT_OCTAL) strcpy(str, "octal");
@ -1350,7 +1352,7 @@ script_t *LoadScriptFile(const char *filename)
buffer = GetClearedMemory(sizeof(script_t) + length + 1);
script = (script_t *) buffer;
Com_Memset(script, 0, sizeof(script_t));
strcpy(script->filename, filename);
Q_strncpyz(script->filename, filename, sizeof(script->filename));
script->buffer = (char *) buffer + sizeof(script_t);
script->buffer[length] = 0;
script->length = length;
@ -1396,7 +1398,7 @@ script_t *LoadScriptMemory(char *ptr, int length, char *name)
buffer = GetClearedMemory(sizeof(script_t) + length + 1);
script = (script_t *) buffer;
Com_Memset(script, 0, sizeof(script_t));
strcpy(script->filename, name);
Q_strncpyz(script->filename, name, sizeof(script->filename));
script->buffer = (char *) buffer + sizeof(script_t);
script->buffer[length] = 0;
script->length = length;